GDPR—Meeting the 72-hour breach notification period

By SolarWinds MSP
16 January, 2018

Beyond the Earth-Moon system, thousands of asteroids known as Near-Earth Objects (NEOs) are known to exist. These rocks periodically cross Earth's orbit and make close flybys of our planet. Over the course of millions of years, some even collide with the Earth, causing mass extinctions. Little wonder, then, that NASA's Center for Near Earth Object Studies (CNEOS) is dedicated to monitoring the larger objects that occasionally come close to us.

For MSPs, a data breach can have the same effect on the business that an NEO can have on the Earth. The General Data Protection Regulation (GDPR) requirement to investigate a personal data breach and notify the supervisory authority within a 72-hour window can make a breach feel just as threatening in terms of potential damage.

The GDPR text can feel vague when it comes to the data breach notification portion. What we can say with some certainty is that, at some point, you will likely have a customer who asks you to help them meet the breach response requirements of GDPR. They might not even approach you; you could be the one who discovers the potential breach. Keep in mind that when you process personal data on a customer's behalf you are a processor under GDPR, and Article 33(2) requires a processor to notify the controller "without undue delay" after becoming aware of a personal data breach. The controller's 72-hour clock cannot start until they know, so your own detection and escalation speed directly affects whether your customer can comply. As a result, it's important to know the facts about data breaches in order to be prepared.

Statistics and Key Facts on Data Breach Reporting

According to Article 33(3) of GDPR, the notification to the supervisory authority must, at a minimum, include:

  • The nature of the breach, including where possible the categories and approximate number of data subjects and of personal data records concerned
  • The name and contact details of the organization's data protection officer, or another contact point where more information can be obtained
  • The likely consequences of the breach
  • The measures taken or proposed to be taken by the data controller to address the breach and, where appropriate, to mitigate its possible adverse effects

This means you'll need to determine these as best you can after discovering a breach. Notification to the supervisory authority is required unless the breach is unlikely to result in a risk to the rights and freedoms of the individuals affected, and it must be made "without undue delay and, where feasible, not later than 72 hours" after the controller becomes aware of it. If everything isn't known within that window, Article 33(4) allows the information to be provided in phases, so an incomplete initial notification is better than a late one.

Concerned about the 72-hour deadline? Well, here are two statistics that are even more worrisome:

  • It takes an average of 191 days to identify a data breach 
  • Fewer than 19% of data breaches are self-detected 

Fortunately, the 72-hour reporting window starts from the moment the organization becomes aware of the breach, not from the moment the breach occurred. However, it's very difficult to investigate a breach that took place weeks or months earlier; logs may have rotated, affected systems may have been rebuilt, and the attacker may have had ample time to cover their tracks. Remember that 191 days is the average time it takes to identify a breach. So, from an incident response perspective, the sooner a potential breach is detected, the better.

Those statistics paint a bleak picture of the current state of data breach detection, investigation, and response. Once in effect on 25 May 2018, GDPR will require controllers to document every personal data breach and to assess, investigate, and respond to each one, with processors such as MSPs obliged to report to the controller without undue delay. That will be far more difficult if detection stays near the 191-day average instead of moving closer to the three days the notification clock allows. To have a fighting chance of meeting this challenge, preparation, tools, and a plan are required.

In terms of preparation, please see the GDPR Quick Win Strategy Guide blog post series (post 1, post 2, post 3, and post 4). These strategies may help you prevent customer data breaches altogether, and the top strategy for MSPs should be to fundamentally reduce the risk of a customer data breach in the first place: a breach that never happens never needs to be reported.

Understanding Threats

Despite your best efforts, a security incident can happen to a customer in an instant through a simple social engineering attack, a misconfiguration, or undetected malware. Even a ransomware attack can be a personal data breach, since Article 4(12) of GDPR defines one as "a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed." Ransomware that encrypts personal data falls under "destruction" or "loss" here, and if the attackers also copied the data before encrypting it, it is an "unauthorised disclosure" as well.

Fortunately, ransomware attacks are blatant and are becoming easier to recover from, as backup tools, best practices, and security technology have increasingly focused on this threat. For most MSPs, ransomware is likely to be the most common security incident they'll face. The latest numbers suggest 91% of cyberattacks and the resulting data breaches begin with a phishing email, and PhishMe found that 93% of the phishing emails it analyzed in Q1 2016 carried a ransomware payload.

For almost every other security incident, you will need to establish the type of data breach and whether there has been any contact from the cybercriminals. This includes determining the nature of the breach and identifying what data was stolen, tampered with, or permanently destroyed. You may also need to determine whether the cybercriminals have contacted your customer or your customer's customers. If so, you may be dealing with a law enforcement matter, because an extortion or blackmail attempt may follow.

Types of Security Incidents

A security failure leading to a personal data breach can generally be assigned to one of three categories, corresponding to a loss of confidentiality, integrity, or availability (ransomware that encrypts data without exfiltrating it is the clearest example of the third):

  • Unauthorized disclosure of data subject’s personal information 
  • Tampering with or altering of a data subject’s personal data by an unauthorized party
  • Denial of access to a data subject’s personal data

Thus, if "Bothan" cybercriminals steal the plans to your company's "Death Star," and the Imperial personnel records and Imperial customer records were not included or impacted in any way, the good news is that GDPR may not be relevant, even if those "Death Star" plans were your firm's life's work. GDPR's breach rules cover personal data only; the theft of trade secrets is a serious incident, but it is not a personal data breach.

If you find data subjects’ personal data was potentially impacted by the data breach, you will need to determine the level of harm and consequences of the breach. SolarWinds MSP’s GDPR guidebook can help point you in the right direction on understanding the severity of the situation and the potential impact of the stolen data.

After that, it's time to help your customer determine what course of action to take. You may need to make changes to processes, procedures, and technology, and under Article 34 the controller must also inform the affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms. Once it's known that personal data was involved, be extra meticulous in documentation and action: Article 33(5) requires the controller to document every personal data breach, including the facts, its effects, and the remedial action taken, whether or not it was reported. The lead supervisory authority may need to be notified of the breach, and if the authority later asks, that documentation is how you demonstrate your good-faith efforts.

What to Expect During a Data Breach Incident

As an MSP—and possibly first responder to a data breach situation—all the work you have done will come under scrutiny. But if you stand by your customer by documenting and performing your due diligence, the 72-hour breach notification will be unlikely to cause an extinction event for your customer. 

 

Sources:

1. “Astronomers Practice Responding to a Killer Asteroid,” Universe Today. https://www.universetoday.com/137789/astronomers-practice-responding-killer-asteroid/ (accessed November 2017).

2. “Data Breach Notification Under the GDPR: Issues to Consider,” Browne Jacobson LLP. https://www.brownejacobson.com/training-and-resources/resources/legal-updates/2016/03/data-breach-notification-under-the-gdpr-issues-to-consider (accessed November 2017).

3. “Art. 33 GDPR: Notification of a Personal Data Breach to the Supervisory Authority,” Intersoft Consulting. https://gdpr-info.eu/art-33-gdpr/ (accessed November 2017).

4. “2016 Ponemon Institute Cost of Data Breach Study,” IBM and Ponemon Institute. https://www.ibm.com/security/data-breach/index.html (accessed November 2017).

5. "The Data Breach Detection Gap and Strategies to Close It," Infocyte. https://www.infocyte.com/breach-detection-gap-conf (accessed November 2017).

6. “Article 4: EU GDPR Definitions,” SecureDataService. https://www.privacy-regulation.eu/en/4.htm (accessed November 2017).

7. "Enterprise Phishing Susceptibility and Resiliency Report," PhishMe. https://phishme.com/enterprise-phishing-susceptibility-report (accessed November 2017).

8. “2016 Q1 Malware Report,” PhishMe. https://phishme.com/project/phishme-q1-2016-malware-review/ (accessed November 2017).

 

This document is provided for informational purposes only and should not be relied upon as legal advice or to determine how the EU General Data Protection Regulation (GDPR) may apply to you and your organization. We encourage you to work with a legally qualified professional to discuss GDPR, how it applies to your organization, and how best to ensure compliance. SolarWinds MSP makes no warranty, express or implied, or assumes any legal liability or responsibility for the information contained herein, including the accuracy, completeness, or usefulness of any information. 

 

© 2018 SolarWinds MSP UK Ltd. All Rights Reserved.
